WHAT IS CLAIMED IS: 



1 . In a data processing system, a method for updating a utility, comprising the steps 
of: 

receiving a request to unlock the utility; 
verifying an update to the utility; and 

using a system management interrupt (SMI) handler to query a status of the 
verifying step. 

2. The method as recited in claim 1, further comprising the step of: 

if the verifying step successfully verifies the update of the utility, unlocking the 
utility and updating the utility. 

3. The method as recited in claim 1, further comprising the step of: 

not unlocking the utility if the verifying step fails to verify the update to the 

utility. 

4. The method as recited in claim 2, wherein the verifying step is performed by a 
trusted platform module (TPM) in accordance with Trusted Computing Platform Alliance 
Specifications. 

5. The method as recited in claim 4, wherein the SMI handler used to query the 
status of the verifying step queries the TPM for the status. 

6. The method as recited in claim 5, wherein the SMI handler is issued by the TPM. 
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7. The method as recited in claim 2, further comprising the step of: 

after the utility has been updated, locking the utility with the SMI handler. 

8. The method as recited in claim 1, wherein the utility is a flash utility. 

9. The method as recited in claim 2, wherein the requesting step is performed by 
SMI handler. 
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1 10. A computer program product adaptable for storage on a computer readable 

2 medium and operable for updating a utility, comprising: 

3 programming for receiving a request to unlock the utility; 

4 programming for verifying an update to the utility; and 

5 programming for using a system management interrupt (SMI) handler to query 

6 a status of the verifying programming. 

1 11. The computer program product as recited in claim 10, further comprising: 

2 if the verifying programming successfully verifies the update of the utility, 

3 programming for unlocking the utility and updating the utility. 

1 12. The computer program product as recited in claim 10, further comprising: 

2 programming for not unlocking the utility if the verifying programming fails to 

3 verify the update to the utility. 

1 13. The computer program product as recited in claim 11, wherein the verifying 

2 programming is performed by a trusted platform module (TPM) in accordance with 

3 Trusted Computing Platform Alliance Specifications. 

1 14. The computer program product as recited in claim 13, wherein the SMI handler 

2 used to query the status of the verifying programming queries the TPM for the status. 

1 15. The computer program product as recited in claim 14, wherein the SMI handler 

2 is issued by the TPM. 



RPS9-2001-0042 



-15- 



16. The computer program product as recited in claim 1 1 , further comprising: 
after the utility has been updated, programming for locking the utility with the 

SMI handler. 

17. The computer program product as recited in claim 11, wherein the requesting 
programming is performed by an SMI handler. 
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1 18. A data processing system comprising: 

2 a processor; 

3 a trusted platform module (TPM) coupled to the processor and operating under 

4 Trusted Computing Platform Alliance Specifications; 

5 a BIOS utility stored in flash memory coupled to the processor; 

6 an input circuit for receiving an update to the BIOS utility; and 

7 a bus system for coupling the input circuit to the processor; 

8 a BIOS update application requesting an unlock of the flash memory from a 
13 9 system management interrupt (SMI) handler; 

10 the SMI handler including programming for requesting cryptographic verification 

^ 11 of the BIOS utility update from the TPM; 

Ifl 12 the TPM including programming for verifying an authenticity of the BIOS utility 

III 

13 update; 

* 14 the TPM including programming for issuing an SMI to query the TPM for a status 

|||! 15 on the verifying of the authenticity of the BIOS utility update; 

1 1 16 the SMI handler unlocking the flash memory if the SMI handler sets the status as 

17 successful; 

1 8 the BIOS update application updating the BIOS utility with the update; and 

1 9 the SMI handler locking the flash memory after the update of the BIOS utility has 

20 completed. 
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1 19. A method comprising the steps of: 

2 (a) a BIOS update application requesting an unlock of a flash utility from a 

3 system management interrupt (SMI) handler; 

4 (b) determining if a verification of an update to the flash utility is pending; 

5 (c) if verification of the update to the flash utility is not pending, the SMI 

6 handler requesting verification of the update to the flash utility from a trusted platform 

7 module (TPM) and setting a status flag as pending; 

8 (d) exiting the SMI handler and returning status flag to the BIOS update 
W 9 application; 

%3 10 (e) receiving by the BIOS update application the status flag from the SMI 



|1 11 handler; 

IJI 12 (f) returning to step (a) if the status flag is set as pending after step (e); 

Q 13 (g) in response to step (c), the TPM verifies the update to the flash utility; 

14 (h) when step (g) is completed, issuing an SMI by the TPM to query if the 

6i 15 verification of the update to the flash utility was successful or failed; 
|f| 1 6 (i) setting the status flag as successful if the verification of the update to the 



7 J' 17 flash utility was successful; 

18 (j ) setting the status flag as failed if the verification of the update to the flash 

19 utility was not successful; 

20 (k) if step (b) determines that verification of the update to the flash utility is 

21 still pending, determining if the verification of the update to the flash utility has 

22 completed; 

23 (1) if step (k) determines that verification of the update to the flash utility has 

24 not completed, setting the status flag as pending; 



RPS9-2001-0042 



- 18- 



25 (m) if step (k) determines that verification of the update to the flash utility has 

26 completed, determining if the verification of the update to the flash utility was 

27 successful; 

28 (n) if step (m) determines that the verification of the update to the flash utility 

29 was not successful, setting the status flag as failed; 

30 (o) if step (m) determines that the verification of the update to the flash utility 

3 1 was successful, the SMI handler unlocking the flash utility and setting the status flag as 

32 successful; 

; | 33 (p) performing steps (d) and (e) in response to any of steps (1), (n), or (o); 

\§ 34 (q) determining if the status flag is set as successful if after step (e) it is 

35 determined that the status flag is not set to pending; and 
JJ| 36 (r) updating the BIOS with the update to the flash utility and locking the flash 

13 37 utility with the SMI handler if the status flag is determined to be set to successful in step 

h 38 fo>- 
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